Las Vegas casino company warns of data breaches

BY MICHELLE RINDELS | December 20, 2013

LAS VEGAS — A Las Vegas company that owns casinos in Nevada, Colorado, Iowa and Missouri fell victim to a cyberattack earlier this year, compromising the credit and debit card information of patrons at 11 sites, company officials said Friday.

Affinity Gaming officials said its system is now secure, but it recommended that customers who visited its casinos and hotels between March 14 and Oct. 16 check their card statements for suspicious activity and put a fraud alert on their accounts.

"Affinity regrets any inconvenience this incident may cause and has established a confidential, toll-free inquiry line to assist its customers," the company said in a statement Friday.

The company was notified Oct. 24 about fraudulent charges that may have been linked to an Affinity casino in Iowa. Affinity said it immediately began an investigation that determined the system used throughout the casino chain was infected by malware.

A notice was posted on the company's website Nov. 14, while Friday's notice was distributed more broadly.

It wasn't clear how many cardholders are affected, but Affinity's lawyer, Jim Prendergast, estimated it was fewer than 300,000.

Authorities were still investigating the source of the hack. Las Vegas police and officials from the FBI and Nevada Gaming Control Board weren't immediately available to comment on the situation.